Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!usc!wuarchive!uunet!mcsun!ukc!axion!delluk!tim From: tim@delluk.uucp (Tim Wright) Newsgroups: comp.unix.sysv386 Subject: Re: Unix & X-Windows on 386SX Message-ID: Date: 3 Dec 90 10:00:13 GMT References: <2318@tabbs.UUCP> <1990Nov30.025126.12879@fiver> Sender: usenet@delluk.uucp (Usenet posting login) Organization: Dell Computer Corp., Bracknell, UK Lines: 38 In <1990Nov30.025126.12879@fiver> palowoda@fiver (Bob Palowoda) writes: >From article <2318@tabbs.UUCP>, by aris@tabbs.UUCP (Aris Stathakis): >> In <156@raysnec.UUCP> shwake@raysnec.UUCP (Ray Shwake) writes: >> >>>palowoda@fiver (Bob Palowoda) writes: >> >>>> Anyways it is a sad day when >>>>buyers are willing to pay more to take a feature out of product. C2 is >>>>not part of UNIX. It's part of the goverment. I like ISC idea you buy >>>>it in a different package. What's wrong with that. >> >> What's wrong with that is that it isn't C2. The C2 standard states that >> it must be included in the product, and you cannot have the same product >> without the C2 security - or else it does not constitute C2. > What is the rationale behind this? Not sure. The C2 security for SCO 3.2 was not part of the product anyway. It was glued on and the glue shows in places. It does certain things which are not necessary for C2 (luids) and as far as I can see misses out slightly on others (aren't you supposed to have ACLs - the group stuff doesn't really cut it even if you had BSD/POSIX-style multiple-group membership). With reference to Security for V.4, no you do not have to have any security level to call your V.4 system UNIX. The AT&T code supplied is not C2 or B2 etc. rated. I believe AT&T are producing a version and I think it's called System V/MLS - somebody will probably know better :-) As has been pointed out, MOST people running unix do NOT want any higher level security than is already provided. It only gets in the way. I get the distinct feeling that if you want "high" levels of security, you shouldn't be running unix in the first place. Any comments ? Tim -- Tim Wright, Dell Computer Corp. (UK) | Email address Bracknell, Berkshire, RG12 1RW | Domain: tim@dell.co.uk Tel: +44-344-860456 | Uucp: ...!ukc!delluk!tim "What's the problem? You've got an IQ of six thousand, haven't you?"